mates-auth 1.0.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/dist/index.d.ts +3 -0
  2. package/dist/index.d.ts.map +1 -0
  3. package/dist/index.js +3 -0
  4. package/dist/index.js.map +1 -0
  5. package/dist/sso.d.ts +90 -0
  6. package/dist/sso.d.ts.map +1 -0
  7. package/dist/sso.js +303 -0
  8. package/dist/sso.js.map +1 -0
  9. package/dist/use-arctic.d.ts +101 -0
  10. package/dist/use-arctic.d.ts.map +1 -0
  11. package/dist/use-arctic.js +538 -0
  12. package/dist/use-arctic.js.map +1 -0
  13. package/dist/use-jwt.d.ts +70 -0
  14. package/dist/use-jwt.d.ts.map +1 -0
  15. package/dist/use-jwt.js +274 -0
  16. package/dist/use-jwt.js.map +1 -0
  17. package/package.json +31 -0
package/dist/use-arctic.js ADDED
@@ -0,0 +1,538 @@
1
+ import { Apple, Discord, Facebook, GitHub, GitLab, Google, LinkedIn, MicrosoftEntraId, Spotify, Twitter, decodeIdToken, generateCodeVerifier, generateState, } from "arctic";
2
+ import { onRequest, } from "mates-fullstack";
3
+ const DEFAULT_STATE_MAX_AGE = 60 * 10;
4
+ /**
5
+ * Register social login routes for every configured provider.
6
+ *
7
+ * The framework automatically handles:
8
+ * GET /auth/:provider — redirect to provider
9
+ * GET /auth/:provider/callback — exchange code, call onSuccess, set cookies
10
+ *
11
+ * @example
12
+ * useArctic({
13
+ * google: {
14
+ * clientId: process.env.GOOGLE_CLIENT_ID!,
15
+ * clientSecret: process.env.GOOGLE_CLIENT_SECRET!,
16
+ * onSuccess: async (profile) => {
17
+ * const user = await db.upsert({ provider: profile.provider, providerId: profile.id, ... });
18
+ * return { userId: user.id, email: user.email, roles: user.roles };
19
+ * },
20
+ * },
21
+ * });
22
+ */
23
+ export function useArctic(providers, options = {}) {
24
+ const resolved = resolveOptions(options);
25
+ const normalizedProviders = normalizeProviders(providers);
26
+ onRequest(async (c) => {
27
+ const match = matchArcticRoute(c.req.raw, resolved.basePath);
28
+ if (!match)
29
+ return;
30
+ const entry = normalizedProviders[match.provider];
31
+ if (!entry) {
32
+ return Response.json({
33
+ error: `OAuth provider "${match.provider}" is not configured`,
34
+ configured: Object.keys(normalizedProviders),
35
+ supported: listArcticProviders(),
36
+ }, { status: 404 });
37
+ }
38
+ try {
39
+ if (match.action === "start") {
40
+ return await startOAuth(c.req.raw, c, match.provider, entry, resolved);
41
+ }
42
+ return await finishOAuth(c.req.raw, c, match.provider, entry, resolved);
43
+ }
44
+ catch (error) {
45
+ return handleArcticError(error, resolved);
46
+ }
47
+ });
48
+ }
49
+ /** Define a custom Arctic provider adapter for providers without a built-in profile normalizer. */
50
+ export function arcticProvider(config) {
51
+ return config;
52
+ }
53
+ export function listArcticProviders() {
54
+ return Object.keys(BUILT_IN_PROVIDERS);
55
+ }
56
+ async function startOAuth(req, ctx, providerName, entry, options) {
57
+ const url = new URL(req.url);
58
+ const redirectUri = getRedirectUri(url, providerName, entry.config, options);
59
+ const state = generateState();
60
+ const codeVerifier = entry.handler.usesPKCE || entry.config.usesPKCE
61
+ ? generateCodeVerifier()
62
+ : null;
63
+ const scopes = entry.config.scopes ?? entry.handler.defaultScopes;
64
+ const authUrl = await entry.handler.start({ ...entry.config, scopes }, redirectUri, state, codeVerifier);
65
+ const next = safeRedirectPath(url.searchParams.get("next"), null);
66
+ setTemporaryCookie(ctx, stateCookieName(providerName), state, options);
67
+ if (codeVerifier) {
68
+ setTemporaryCookie(ctx, verifierCookieName(providerName), codeVerifier, options);
69
+ }
70
+ if (next) {
71
+ setTemporaryCookie(ctx, nextCookieName(providerName), next, options);
72
+ }
73
+ return redirectResponse(authUrl.toString());
74
+ }
75
+ async function finishOAuth(req, ctx, providerName, entry, options) {
76
+ const url = new URL(req.url);
77
+ const providerError = url.searchParams.get("error");
78
+ if (providerError) {
79
+ throw new Error(`OAuth provider returned ${providerError}: ${url.searchParams.get("error_description") ?? "No description"}`);
80
+ }
81
+ const code = url.searchParams.get("code");
82
+ const state = url.searchParams.get("state");
83
+ const storedState = ctx.cookie.get(stateCookieName(providerName));
84
+ const codeVerifier = ctx.cookie.get(verifierCookieName(providerName)) ?? null;
85
+ clearTemporaryCookies(ctx, providerName, options);
86
+ if (!code || !state || !storedState || !timingSafeEqual(state, storedState)) {
87
+ return new Response("Invalid OAuth state", { status: 400 });
88
+ }
89
+ const redirectUri = getRedirectUri(url, providerName, entry.config, options);
90
+ const profile = await entry.handler.callback(entry.config, redirectUri, code, codeVerifier, providerName);
91
+ const redirectTo = await entry.config.onSuccess(profile, ctx);
92
+ const next = ctx.cookie.get(nextCookieName(providerName));
93
+ const location = safeRedirectPath(redirectTo ?? null, null) ??
94
+ safeRedirectPath(next, null) ??
95
+ options.afterLogin;
96
+ return redirectResponse(location);
97
+ }
98
+ function handleArcticError(error, options) {
99
+ const message = error instanceof Error ? error.message : String(error);
100
+ if (options.onErrorRedirect) {
101
+ const redirectUrl = new URL(options.onErrorRedirect, "http://mates.local");
102
+ redirectUrl.searchParams.set("error", "oauth_failed");
103
+ return redirectResponse(`${redirectUrl.pathname}${redirectUrl.search}${redirectUrl.hash}`);
104
+ }
105
+ const isProd = process.env.NODE_ENV === "production";
106
+ return Response.json({
107
+ error: "OAuth authentication failed",
108
+ ...(isProd ? {} : { message }),
109
+ }, { status: 400 });
110
+ }
111
+ function normalizeProviders(providers) {
112
+ const normalized = {};
113
+ for (const [rawName, rawConfig] of Object.entries(providers)) {
114
+ if (!rawConfig)
115
+ continue;
116
+ const name = rawName.toLowerCase();
117
+ const maybeCustom = rawConfig;
118
+ const handler = maybeCustom.handler ?? BUILT_IN_PROVIDERS[name];
119
+ if (!handler) {
120
+ throw new Error(`[mates-fullstack-auth] useArctic: "${rawName}" is not built in. ` +
121
+ "Use arcticProvider({ handler, ...config }) for custom Arctic providers.");
122
+ }
123
+ normalized[name] = { config: rawConfig, handler };
124
+ }
125
+ return normalized;
126
+ }
127
+ function resolveOptions(options) {
128
+ const basePath = normalizeBasePath(options.basePath ?? "/auth");
129
+ return {
130
+ basePath,
131
+ afterLogin: safeRedirectPath(options.afterLogin, "/") ?? "/",
132
+ onErrorRedirect: options.onErrorRedirect,
133
+ cookie: {
134
+ path: options.cookie?.path ?? basePath,
135
+ domain: options.cookie?.domain,
136
+ sameSite: options.cookie?.sameSite ?? "lax",
137
+ secure: options.cookie?.secure ?? process.env.NODE_ENV === "production",
138
+ },
139
+ stateMaxAge: options.stateMaxAge ?? DEFAULT_STATE_MAX_AGE,
140
+ };
141
+ }
142
+ function matchArcticRoute(req, basePath) {
143
+ if (req.method !== "GET")
144
+ return null;
145
+ const url = new URL(req.url);
146
+ const path = trimSlashes(url.pathname);
147
+ const base = trimSlashes(basePath);
148
+ const parts = path.split("/").filter(Boolean);
149
+ const baseParts = base ? base.split("/") : [];
150
+ if (parts.length !== baseParts.length + 1 &&
151
+ parts.length !== baseParts.length + 2) {
152
+ return null;
153
+ }
154
+ for (let i = 0; i < baseParts.length; i += 1) {
155
+ if (parts[i] !== baseParts[i])
156
+ return null;
157
+ }
158
+ const provider = parts[baseParts.length]?.toLowerCase();
159
+ if (!provider)
160
+ return null;
161
+ if (parts.length === baseParts.length + 1)
162
+ return { provider, action: "start" };
163
+ if (parts[baseParts.length + 1] === "callback")
164
+ return { provider, action: "callback" };
165
+ return null;
166
+ }
167
+ function getRedirectUri(url, providerName, config, options) {
168
+ return (config.redirectUri ??
169
+ `${url.protocol}//${url.host}${options.basePath}/${providerName}/callback`);
170
+ }
171
+ function setTemporaryCookie(ctx, name, value, options) {
172
+ ctx.cookie.set(name, value, {
173
+ ...options.cookie,
174
+ httpOnly: true,
175
+ maxAge: options.stateMaxAge,
176
+ });
177
+ }
178
+ function clearTemporaryCookies(ctx, providerName, options) {
179
+ const cookieOptions = {
180
+ path: options.cookie.path,
181
+ domain: options.cookie.domain,
182
+ };
183
+ ctx.cookie.delete(stateCookieName(providerName), cookieOptions);
184
+ ctx.cookie.delete(verifierCookieName(providerName), cookieOptions);
185
+ ctx.cookie.delete(nextCookieName(providerName), cookieOptions);
186
+ }
187
+ function stateCookieName(provider) {
188
+ return `mates_oauth_${provider}_state`;
189
+ }
190
+ function verifierCookieName(provider) {
191
+ return `mates_oauth_${provider}_verifier`;
192
+ }
193
+ function nextCookieName(provider) {
194
+ return `mates_oauth_${provider}_next`;
195
+ }
196
+ function redirectResponse(location) {
197
+ return new Response(null, { status: 302, headers: { location } });
198
+ }
199
+ function normalizeBasePath(path) {
200
+ const trimmed = `/${trimSlashes(path)}`;
201
+ return trimmed === "/" ? "" : trimmed;
202
+ }
203
+ function trimSlashes(value) {
204
+ return value.replace(/^\/+|\/+$/g, "");
205
+ }
206
+ function safeRedirectPath(value, fallback) {
207
+ if (!value)
208
+ return fallback;
209
+ return value.startsWith("/") && !value.startsWith("//") ? value : fallback;
210
+ }
211
+ function timingSafeEqual(a, b) {
212
+ const aBytes = new TextEncoder().encode(a);
213
+ const bBytes = new TextEncoder().encode(b);
214
+ if (aBytes.length !== bBytes.length)
215
+ return false;
216
+ let diff = 0;
217
+ for (let i = 0; i < aBytes.length; i += 1) {
218
+ diff |= aBytes[i] ^ bBytes[i];
219
+ }
220
+ return diff === 0;
221
+ }
222
+ function tokenSet(tokens) {
223
+ return {
224
+ accessToken: safeTokenCall(() => tokens.accessToken()),
225
+ refreshToken: tokens.hasRefreshToken()
226
+ ? safeTokenCall(() => tokens.refreshToken())
227
+ : null,
228
+ idToken: safeTokenCall(() => tokens.idToken()),
229
+ tokenType: safeTokenCall(() => tokens.tokenType()),
230
+ expiresAt: safeTokenCall(() => tokens.accessTokenExpiresAt()),
231
+ scopes: tokens.hasScopes() ? safeTokenCall(() => tokens.scopes()) : null,
232
+ raw: tokens.data,
233
+ };
234
+ }
235
+ function safeTokenCall(callback) {
236
+ try {
237
+ return callback();
238
+ }
239
+ catch {
240
+ return null;
241
+ }
242
+ }
243
+ async function fetchJson(url, accessToken, init = {}) {
244
+ const headers = new Headers(init.headers);
245
+ headers.set("authorization", `Bearer ${accessToken}`);
246
+ const res = await fetch(url, { ...init, headers });
247
+ if (!res.ok)
248
+ throw new Error(`OAuth profile fetch failed (${res.status})`);
249
+ return (await res.json());
250
+ }
251
+ function requireAccessToken(tokens, provider) {
252
+ if (!tokens.accessToken) {
253
+ throw new Error(`[mates-fullstack-auth] ${provider} did not return an access token.`);
254
+ }
255
+ return tokens.accessToken;
256
+ }
257
+ function requireAppleConfig(config) {
258
+ if (!config.teamId || !config.keyId || !config.privateKey) {
259
+ throw new Error("[mates-fullstack-auth] Apple OAuth requires teamId, keyId, and privateKey.");
260
+ }
261
+ }
262
+ const github = {
263
+ defaultScopes: ["user:email"],
264
+ usesPKCE: false,
265
+ start(config, redirectUri, state) {
266
+ return new GitHub(config.clientId, config.clientSecret ?? "", redirectUri).createAuthorizationURL(state, config.scopes ?? this.defaultScopes);
267
+ },
268
+ async callback(config, redirectUri, code) {
269
+ const tokens = await new GitHub(config.clientId, config.clientSecret ?? "", redirectUri).validateAuthorizationCode(code);
270
+ if (config.profile)
271
+ return withProvider("github", tokens, await config.profile(tokens, "github"));
272
+ const normalizedTokens = tokenSet(tokens);
273
+ const accessToken = requireAccessToken(normalizedTokens, "github");
274
+ const user = await fetchJson("https://api.github.com/user", accessToken, {
275
+ headers: { "user-agent": "mates-fullstack" },
276
+ });
277
+ let email = typeof user.email === "string" ? user.email : null;
278
+ if (!email) {
279
+ const emails = await fetchJson("https://api.github.com/user/emails", accessToken, { headers: { "user-agent": "mates-fullstack" } });
280
+ email =
281
+ emails.find((item) => item.primary === true && item.verified === true)
282
+ ?.email ??
283
+ emails.find((item) => typeof item.email === "string")
284
+ ?.email ??
285
+ null;
286
+ }
287
+ return {
288
+ provider: "github",
289
+ id: String(user.id),
290
+ email,
291
+ name: stringOrNull(user.name) ?? stringOrNull(user.login),
292
+ username: stringOrNull(user.login),
293
+ avatar: stringOrNull(user.avatar_url),
294
+ raw: user,
295
+ tokens: normalizedTokens,
296
+ };
297
+ },
298
+ };
299
+ const google = {
300
+ defaultScopes: ["openid", "profile", "email"],
301
+ usesPKCE: true,
302
+ start(config, redirectUri, state, codeVerifier) {
303
+ return new Google(config.clientId, config.clientSecret ?? "", redirectUri).createAuthorizationURL(state, codeVerifier ?? "", config.scopes ?? this.defaultScopes);
304
+ },
305
+ async callback(config, redirectUri, code, codeVerifier) {
306
+ const tokens = await new Google(config.clientId, config.clientSecret ?? "", redirectUri).validateAuthorizationCode(code, codeVerifier ?? "");
307
+ if (config.profile)
308
+ return withProvider("google", tokens, await config.profile(tokens, "google"));
309
+ const normalizedTokens = tokenSet(tokens);
310
+ const user = await fetchJson("https://openidconnect.googleapis.com/v1/userinfo", requireAccessToken(normalizedTokens, "google"));
311
+ return {
312
+ provider: "google",
313
+ id: String(user.sub),
314
+ email: stringOrNull(user.email),
315
+ name: stringOrNull(user.name),
316
+ avatar: stringOrNull(user.picture),
317
+ raw: user,
318
+ tokens: normalizedTokens,
319
+ };
320
+ },
321
+ };
322
+ const discord = {
323
+ defaultScopes: ["identify", "email"],
324
+ usesPKCE: false,
325
+ start(config, redirectUri, state) {
326
+ return new Discord(config.clientId, config.clientSecret ?? null, redirectUri).createAuthorizationURL(state, null, config.scopes ?? this.defaultScopes);
327
+ },
328
+ async callback(config, redirectUri, code) {
329
+ const tokens = await new Discord(config.clientId, config.clientSecret ?? null, redirectUri).validateAuthorizationCode(code, null);
330
+ if (config.profile)
331
+ return withProvider("discord", tokens, await config.profile(tokens, "discord"));
332
+ const normalizedTokens = tokenSet(tokens);
333
+ const user = await fetchJson("https://discord.com/api/users/@me", requireAccessToken(normalizedTokens, "discord"));
334
+ const avatarHash = stringOrNull(user.avatar);
335
+ const id = String(user.id);
336
+ return {
337
+ provider: "discord",
338
+ id,
339
+ email: stringOrNull(user.email),
340
+ name: stringOrNull(user.global_name) ?? stringOrNull(user.username),
341
+ username: stringOrNull(user.username),
342
+ avatar: avatarHash
343
+ ? `https://cdn.discordapp.com/avatars/${id}/${avatarHash}.png`
344
+ : null,
345
+ raw: user,
346
+ tokens: normalizedTokens,
347
+ };
348
+ },
349
+ };
350
+ const microsoft = {
351
+ defaultScopes: ["openid", "profile", "email"],
352
+ usesPKCE: true,
353
+ start(config, redirectUri, state, codeVerifier) {
354
+ return new MicrosoftEntraId(config.tenant ?? "common", config.clientId, config.clientSecret ?? null, redirectUri).createAuthorizationURL(state, codeVerifier ?? "", config.scopes ?? this.defaultScopes);
355
+ },
356
+ async callback(config, redirectUri, code, codeVerifier) {
357
+ const tokens = await new MicrosoftEntraId(config.tenant ?? "common", config.clientId, config.clientSecret ?? null, redirectUri).validateAuthorizationCode(code, codeVerifier ?? "");
358
+ if (config.profile)
359
+ return withProvider("microsoft", tokens, await config.profile(tokens, "microsoft"));
360
+ const normalizedTokens = tokenSet(tokens);
361
+ const user = await fetchJson("https://graph.microsoft.com/oidc/userinfo", requireAccessToken(normalizedTokens, "microsoft"));
362
+ return {
363
+ provider: "microsoft",
364
+ id: String(user.sub),
365
+ email: stringOrNull(user.email),
366
+ name: stringOrNull(user.name),
367
+ avatar: stringOrNull(user.picture),
368
+ raw: user,
369
+ tokens: normalizedTokens,
370
+ };
371
+ },
372
+ };
373
+ const twitter = {
374
+ defaultScopes: ["users.read", "tweet.read"],
375
+ usesPKCE: true,
376
+ start(config, redirectUri, state, codeVerifier) {
377
+ return new Twitter(config.clientId, config.clientSecret ?? null, redirectUri).createAuthorizationURL(state, codeVerifier ?? "", config.scopes ?? this.defaultScopes);
378
+ },
379
+ async callback(config, redirectUri, code, codeVerifier) {
380
+ const tokens = await new Twitter(config.clientId, config.clientSecret ?? null, redirectUri).validateAuthorizationCode(code, codeVerifier ?? "");
381
+ if (config.profile)
382
+ return withProvider("twitter", tokens, await config.profile(tokens, "twitter"));
383
+ const normalizedTokens = tokenSet(tokens);
384
+ const { data } = await fetchJson("https://api.twitter.com/2/users/me?user.fields=profile_image_url,name,username", requireAccessToken(normalizedTokens, "twitter"));
385
+ return {
386
+ provider: "twitter",
387
+ id: String(data.id),
388
+ email: null,
389
+ name: stringOrNull(data.name) ?? stringOrNull(data.username),
390
+ username: stringOrNull(data.username),
391
+ avatar: stringOrNull(data.profile_image_url),
392
+ raw: data,
393
+ tokens: normalizedTokens,
394
+ };
395
+ },
396
+ };
397
+ const linkedin = {
398
+ defaultScopes: ["openid", "profile", "email"],
399
+ usesPKCE: false,
400
+ start(config, redirectUri, state) {
401
+ return new LinkedIn(config.clientId, config.clientSecret ?? "", redirectUri).createAuthorizationURL(state, config.scopes ?? this.defaultScopes);
402
+ },
403
+ async callback(config, redirectUri, code) {
404
+ const tokens = await new LinkedIn(config.clientId, config.clientSecret ?? "", redirectUri).validateAuthorizationCode(code);
405
+ if (config.profile)
406
+ return withProvider("linkedin", tokens, await config.profile(tokens, "linkedin"));
407
+ const normalizedTokens = tokenSet(tokens);
408
+ const user = await fetchJson("https://api.linkedin.com/v2/userinfo", requireAccessToken(normalizedTokens, "linkedin"));
409
+ return {
410
+ provider: "linkedin",
411
+ id: String(user.sub),
412
+ email: stringOrNull(user.email),
413
+ name: stringOrNull(user.name),
414
+ avatar: stringOrNull(user.picture),
415
+ raw: user,
416
+ tokens: normalizedTokens,
417
+ };
418
+ },
419
+ };
420
+ const facebook = {
421
+ defaultScopes: ["email", "public_profile"],
422
+ usesPKCE: false,
423
+ start(config, redirectUri, state) {
424
+ return new Facebook(config.clientId, config.clientSecret ?? "", redirectUri).createAuthorizationURL(state, config.scopes ?? this.defaultScopes);
425
+ },
426
+ async callback(config, redirectUri, code) {
427
+ const tokens = await new Facebook(config.clientId, config.clientSecret ?? "", redirectUri).validateAuthorizationCode(code);
428
+ if (config.profile)
429
+ return withProvider("facebook", tokens, await config.profile(tokens, "facebook"));
430
+ const normalizedTokens = tokenSet(tokens);
431
+ const user = await fetchJson("https://graph.facebook.com/me?fields=id,name,email,picture.type(large)", requireAccessToken(normalizedTokens, "facebook"));
432
+ const picture = user.picture;
433
+ return {
434
+ provider: "facebook",
435
+ id: String(user.id),
436
+ email: stringOrNull(user.email),
437
+ name: stringOrNull(user.name),
438
+ avatar: stringOrNull(picture?.data?.url),
439
+ raw: user,
440
+ tokens: normalizedTokens,
441
+ };
442
+ },
443
+ };
444
+ const apple = {
445
+ defaultScopes: ["name", "email"],
446
+ usesPKCE: false,
447
+ start(config, redirectUri, state) {
448
+ requireAppleConfig(config);
449
+ return new Apple(config.clientId, config.teamId, config.keyId, new TextEncoder().encode(config.privateKey), redirectUri).createAuthorizationURL(state, config.scopes ?? this.defaultScopes);
450
+ },
451
+ async callback(config, redirectUri, code) {
452
+ requireAppleConfig(config);
453
+ const tokens = await new Apple(config.clientId, config.teamId, config.keyId, new TextEncoder().encode(config.privateKey), redirectUri).validateAuthorizationCode(code);
454
+ if (config.profile)
455
+ return withProvider("apple", tokens, await config.profile(tokens, "apple"));
456
+ const normalizedTokens = tokenSet(tokens);
457
+ const claims = normalizedTokens.idToken
458
+ ? decodeIdToken(normalizedTokens.idToken)
459
+ : {};
460
+ return {
461
+ provider: "apple",
462
+ id: String(claims.sub),
463
+ email: stringOrNull(claims.email),
464
+ name: null,
465
+ avatar: null,
466
+ raw: claims,
467
+ tokens: normalizedTokens,
468
+ };
469
+ },
470
+ };
471
+ const spotify = {
472
+ defaultScopes: ["user-read-email", "user-read-private"],
473
+ usesPKCE: false,
474
+ start(config, redirectUri, state) {
475
+ return new Spotify(config.clientId, config.clientSecret ?? null, redirectUri).createAuthorizationURL(state, null, config.scopes ?? this.defaultScopes);
476
+ },
477
+ async callback(config, redirectUri, code) {
478
+ const tokens = await new Spotify(config.clientId, config.clientSecret ?? null, redirectUri).validateAuthorizationCode(code, null);
479
+ if (config.profile)
480
+ return withProvider("spotify", tokens, await config.profile(tokens, "spotify"));
481
+ const normalizedTokens = tokenSet(tokens);
482
+ const user = await fetchJson("https://api.spotify.com/v1/me", requireAccessToken(normalizedTokens, "spotify"));
483
+ const images = user.images;
484
+ return {
485
+ provider: "spotify",
486
+ id: String(user.id),
487
+ email: stringOrNull(user.email),
488
+ name: stringOrNull(user.display_name),
489
+ avatar: stringOrNull(images?.[0]?.url),
490
+ raw: user,
491
+ tokens: normalizedTokens,
492
+ };
493
+ },
494
+ };
495
+ const gitlab = {
496
+ defaultScopes: ["read_user"],
497
+ usesPKCE: false,
498
+ start(config, redirectUri, state) {
499
+ return new GitLab(config.baseURL ?? "https://gitlab.com", config.clientId, config.clientSecret ?? null, redirectUri).createAuthorizationURL(state, config.scopes ?? this.defaultScopes);
500
+ },
501
+ async callback(config, redirectUri, code) {
502
+ const baseURL = config.baseURL ?? "https://gitlab.com";
503
+ const tokens = await new GitLab(baseURL, config.clientId, config.clientSecret ?? null, redirectUri).validateAuthorizationCode(code);
504
+ if (config.profile)
505
+ return withProvider("gitlab", tokens, await config.profile(tokens, "gitlab"));
506
+ const normalizedTokens = tokenSet(tokens);
507
+ const user = await fetchJson(`${baseURL.replace(/\/+$/g, "")}/api/v4/user`, requireAccessToken(normalizedTokens, "gitlab"));
508
+ return {
509
+ provider: "gitlab",
510
+ id: String(user.id),
511
+ email: stringOrNull(user.email),
512
+ name: stringOrNull(user.name) ?? stringOrNull(user.username),
513
+ username: stringOrNull(user.username),
514
+ avatar: stringOrNull(user.avatar_url),
515
+ raw: user,
516
+ tokens: normalizedTokens,
517
+ };
518
+ },
519
+ };
520
+ function withProvider(provider, tokens, profile) {
521
+ return { ...profile, provider, tokens: tokenSet(tokens) };
522
+ }
523
+ function stringOrNull(value) {
524
+ return typeof value === "string" && value.length > 0 ? value : null;
525
+ }
526
+ const BUILT_IN_PROVIDERS = {
527
+ apple,
528
+ discord,
529
+ facebook,
530
+ github,
531
+ gitlab,
532
+ google,
533
+ linkedin,
534
+ microsoft,
535
+ spotify,
536
+ twitter,
537
+ };
538
+ //# sourceMappingURL=use-arctic.js.map
package/dist/use-arctic.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"use-arctic.js","sourceRoot":"","sources":["../src/use-arctic.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,EACL,OAAO,EACP,QAAQ,EACR,MAAM,EACN,MAAM,EACN,MAAM,EACN,QAAQ,EACR,gBAAgB,EAChB,OAAO,EACP,OAAO,EACP,aAAa,EACb,oBAAoB,EACpB,aAAa,GAEd,MAAM,QAAQ,CAAC;AAChB,OAAO,EACL,SAAS,GAIV,MAAM,iBAAiB,CAAC;AAgIzB,MAAM,qBAAqB,GAAG,EAAE,GAAG,EAAE,CAAC;AAEtC;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,UAAU,SAAS,CACvB,SAAgC,EAChC,UAA4B,EAAE;IAE9B,MAAM,QAAQ,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;IACzC,MAAM,mBAAmB,GAAG,kBAAkB,CAAC,SAAS,CAAC,CAAC;IAE1D,SAAS,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;QACpB,MAAM,KAAK,GAAG,gBAAgB,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAC7D,IAAI,CAAC,KAAK;YAAE,OAAO;QAEnB,MAAM,KAAK,GAAG,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAClD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,QAAQ,CAAC,IAAI,CAClB;gBACE,KAAK,EAAE,mBAAmB,KAAK,CAAC,QAAQ,qBAAqB;gBAC7D,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC;gBAC5C,SAAS,EAAE,mBAAmB,EAAE;aACjC,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YACH,IAAI,KAAK,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;gBAC7B,OAAO,MAAM,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,QAAQ,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC;YACzE,CAAC;YACD,OAAO,MAAM,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,QAAQ,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC;QAC1E,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,iBAAiB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED,mGAAmG;AACnG,MAAM,UAAU,cAAc,CAC5B,MAA4B;IAE5B,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,UAAU,mBAAmB;IACjC,OAAO,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAA4B,CAAC;AACpE,CAAC;AAED,KAAK,UAAU,UAAU,CACvB,GAAY,EACZ,GAAY,EACZ,YAAoB,EACpB,KAAyB,EACzB,OAA8B;IAE9B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,WAAW,GAAG,cAAc,CAAC,GAAG,EAAE,YAAY,EAAE,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC7E,MAAM,KAAK,GAAG,aAAa,EAAE,CAAC;IAC9B,MAAM,YAAY,GAChB,KAAK,CAAC,OAAO,CAAC,QAAQ,IAAI,KAAK,CAAC,MAAM,CAAC,QAAQ;QAC7C,CAAC,CAAC,oBAAoB,EAAE;QACxB,CAAC,CAAC,IAAI,CAAC;IACX,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC;IAClE,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,KAAK,CACvC,EAAE,GAAG,KAAK,CAAC,MAAM,EAAE,MAAM,EAAE,EAC3B,WAAW,EACX,KAAK,EACL,YAAY,CACb,CAAC;IACF,MAAM,IAAI,GAAG,gBAAgB,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC;IAElE,kBAAkB,CAAC,GAAG,EAAE,eAAe,CAAC,YAAY,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;IACvE,IAAI,YAAY,EAAE,CAAC;QACjB,kBAAkB,CAChB,GAAG,EACH,kBAAkB,CAAC,YAAY,CAAC,EAChC,YAAY,EACZ,OAAO,CACR,CAAC;IACJ,CAAC;IACD,IAAI,IAAI,EAAE,CAAC;QACT,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,YAAY,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IACvE,CAAC;IAED,OAAO,gBAAgB,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;AAC9C,CAAC;AAED,KAAK,UAAU,WAAW,CACxB,GAAY,EACZ,GAAY,EACZ,YAAoB,EACpB,KAAyB,EACzB,OAA8B;IAE9B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,aAAa,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACpD,IAAI,aAAa,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CACb,2BAA2B,aAAa,KAAK,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,gBAAgB,EAAE,CAC7G,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC1C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAC5C,MAAM,WAAW,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,YAAY,CAAC,CAAC,CAAC;IAClE,MAAM,YAAY,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,kBAAkB,CAAC,YAAY,CAAC,CAAC,IAAI,IAAI,CAAC;IAE9E,qBAAqB,CAAC,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;IAElD,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,WAAW,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,WAAW,CAAC,EAAE,CAAC;QAC5E,OAAO,IAAI,QAAQ,CAAC,qBAAqB,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,WAAW,GAAG,cAAc,CAAC,GAAG,EAAE,YAAY,EAAE,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC7E,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,QAAQ,CAC1C,KAAK,CAAC,MAAM,EACZ,WAAW,EACX,IAAI,EACJ,YAAY,EACZ,YAAY,CACb,CAAC;IAEF,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAE9D,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC,CAAC;IAC1D,MAAM,QAAQ,GACZ,gBAAgB,CAAC,UAAU,IAAI,IAAI,EAAE,IAAI,CAAC;QAC1C,gBAAgB,CAAC,IAAI,EAAE,IAAI,CAAC;QAC5B,OAAO,CAAC,UAAU,CAAC;IACrB,OAAO,gBAAgB,CAAC,QAAQ,CAAC,CAAC;AACpC,CAAC;AAED,SAAS,iBAAiB,CACxB,KAAc,EACd,OAA8B;IAE9B,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACvE,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;QAC5B,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,eAAe,EAAE,oBAAoB,CAAC,CAAC;QAC3E,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;QACtD,OAAO,gBAAgB,CACrB,GAAG,WAAW,CAAC,QAAQ,GAAG,WAAW,CAAC,MAAM,GAAG,WAAW,CAAC,IAAI,EAAE,CAClE,CAAC;IACJ,CAAC;IACD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;IACrD,OAAO,QAAQ,CAAC,IAAI,CAClB;QACE,KAAK,EAAE,6BAA6B;QACpC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC;KAC/B,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;AACJ,CAAC;AAOD,SAAS,kBAAkB,CACzB,SAAgC;IAEhC,MAAM,UAAU,GAAuC,EAAE,CAAC;IAC1D,KAAK,MAAM,CAAC,OAAO,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QAC7D,IAAI,CAAC,SAAS;YAAE,SAAS;QACzB,MAAM,IAAI,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;QACnC,MAAM,WAAW,GAAG,SAAiC,CAAC;QACtD,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,IAAI,kBAAkB,CAAC,IAAI,CAAC,CAAC;QAChE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CACb,sCAAsC,OAAO,qBAAqB;gBAChE,yEAAyE,CAC5E,CAAC;QACJ,CAAC;QACD,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC;IACpD,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,SAAS,cAAc,CAAC,OAAyB;IAC/C,MAAM,QAAQ,GAAG,iBAAiB,CAAC,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,CAAC;IAChE,OAAO;QACL,QAAQ;QACR,UAAU,EAAE,gBAAgB,CAAC,OAAO,CAAC,UAAU,EAAE,GAAG,CAAC,IAAI,GAAG;QAC5D,eAAe,EAAE,OAAO,CAAC,eAAe;QACxC,MAAM,EAAE;YACN,IAAI,EAAE,OAAO,CAAC,MAAM,EAAE,IAAI,IAAI,QAAQ;YACtC,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,MAAM;YAC9B,QAAQ,EAAE,OAAO,CAAC,MAAM,EAAE,QAAQ,IAAI,KAAK;YAC3C,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;SACxE;QACD,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,qBAAqB;KAC1D,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CACvB,GAAY,EACZ,QAAgB;IAEhB,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK;QAAE,OAAO,IAAI,CAAC;IACtC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,IAAI,GAAG,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACvC,MAAM,IAAI,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;IACnC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAE9C,IACE,KAAK,CAAC,MAAM,KAAK,SAAS,CAAC,MAAM,GAAG,CAAC;QACrC,KAAK,CAAC,MAAM,KAAK,SAAS,CAAC,MAAM,GAAG,CAAC,EACrC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7C,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;IAC7C,CAAC;IAED,MAAM,QAAQ,GAAG,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,WAAW,EAAE,CAAC;IACxD,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAC3B,IAAI,KAAK,CAAC,MAAM,KAAK,SAAS,CAAC,MAAM,GAAG,CAAC;QACvC,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;IACvC,IAAI,KAAK,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,UAAU;QAC5C,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;IAC1C,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,cAAc,CACrB,GAAQ,EACR,YAAoB,EACpB,MAA4B,EAC5B,OAA8B;IAE9B,OAAO,CACL,MAAM,CAAC,WAAW;QAClB,GAAG,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,IAAI,GAAG,OAAO,CAAC,QAAQ,IAAI,YAAY,WAAW,CAC3E,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CACzB,GAAY,EACZ,IAAY,EACZ,KAAa,EACb,OAA8B;IAE9B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE;QAC1B,GAAG,OAAO,CAAC,MAAM;QACjB,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,OAAO,CAAC,WAAW;KAC5B,CAAC,CAAC;AACL,CAAC;AAED,SAAS,qBAAqB,CAC5B,GAAY,EACZ,YAAoB,EACpB,OAA8B;IAE9B,MAAM,aAAa,GAAG;QACpB,IAAI,EAAE,OAAO,CAAC,MAAM,CAAC,IAAI;QACzB,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM;KAC9B,CAAC;IACF,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,YAAY,CAAC,EAAE,aAAa,CAAC,CAAC;IAChE,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,YAAY,CAAC,EAAE,aAAa,CAAC,CAAC;IACnE,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,YAAY,CAAC,EAAE,aAAa,CAAC,CAAC;AACjE,CAAC;AAED,SAAS,eAAe,CAAC,QAAgB;IACvC,OAAO,eAAe,QAAQ,QAAQ,CAAC;AACzC,CAAC;AAED,SAAS,kBAAkB,CAAC,QAAgB;IAC1C,OAAO,eAAe,QAAQ,WAAW,CAAC;AAC5C,CAAC;AAED,SAAS,cAAc,CAAC,QAAgB;IACtC,OAAO,eAAe,QAAQ,OAAO,CAAC;AACxC,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAgB;IACxC,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAC;AACpE,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAY;IACrC,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;IACxC,OAAO,OAAO,KAAK,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;AACxC,CAAC;AAED,SAAS,WAAW,CAAC,KAAa;IAChC,OAAO,KAAK,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;AACzC,CAAC;AAED,SAAS,gBAAgB,CACvB,KAAgC,EAChC,QAAuB;IAEvB,IAAI,CAAC,KAAK;QAAE,OAAO,QAAQ,CAAC;IAC5B,OAAO,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC;AAC7E,CAAC;AAED,SAAS,eAAe,CAAC,CAAS,EAAE,CAAS;IAC3C,MAAM,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAC3C,IAAI,MAAM,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAClD,IAAI,IAAI,GAAG,CAAC,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC1C,IAAI,IAAI,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IAChC,CAAC;IACD,OAAO,IAAI,KAAK,CAAC,CAAC;AACpB,CAAC;AAED,SAAS,QAAQ,CAAC,MAAoB;IACpC,OAAO;QACL,WAAW,EAAE,aAAa,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;QACtD,YAAY,EAAE,MAAM,CAAC,eAAe,EAAE;YACpC,CAAC,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YAC5C,CAAC,CAAC,IAAI;QACR,OAAO,EAAE,aAAa,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QAC9C,SAAS,EAAE,aAAa,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;QAClD,SAAS,EAAE,aAAa,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,oBAAoB,EAAE,CAAC;QAC7D,MAAM,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI;QACxE,GAAG,EAAE,MAAM,CAAC,IAAI;KACjB,CAAC;AACJ,CAAC;AAED,SAAS,aAAa,CAAI,QAAiB;IACzC,IAAI,CAAC;QACH,OAAO,QAAQ,EAAE,CAAC;IACpB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,SAAS,CACtB,GAAW,EACX,WAAmB,EACnB,OAAoB,EAAE;IAEtB,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC1C,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,WAAW,EAAE,CAAC,CAAC;IACtD,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;IACnD,IAAI,CAAC,GAAG,CAAC,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC;IAC3E,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAM,CAAC;AACjC,CAAC;AAED,SAAS,kBAAkB,CAAC,MAAsB,EAAE,QAAgB;IAClE,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,0BAA0B,QAAQ,kCAAkC,CACrE,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC,WAAW,CAAC;AAC5B,CAAC;AAED,SAAS,kBAAkB,CACzB,MAA4B;IAM5B,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;QAC1D,MAAM,IAAI,KAAK,CACb,4EAA4E,CAC7E,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,MAAM,GAA0B;IACpC,aAAa,EAAE,CAAC,YAAY,CAAC;IAC7B,QAAQ,EAAE,KAAK;IACf,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,KAAK;QAC9B,OAAO,IAAI,MAAM,CACf,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,EAAE,EACzB,WAAW,CACZ,CAAC,sBAAsB,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,aAAa,CAAC,CAAC;IACvE,CAAC;IACD,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI;QACtC,MAAM,MAAM,GAAG,MAAM,IAAI,MAAM,CAC7B,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,EAAE,EACzB,WAAW,CACZ,CAAC,yBAAyB,CAAC,IAAI,CAAC,CAAC;QAClC,IAAI,MAAM,CAAC,OAAO;YAChB,OAAO,YAAY,CACjB,QAAQ,EACR,MAAM,EACN,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,QAAQ,CAAC,CACvC,CAAC;QAEJ,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,WAAW,GAAG,kBAAkB,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CAAC;QACnE,MAAM,IAAI,GAAG,MAAM,SAAS,CAC1B,6BAA6B,EAC7B,WAAW,EACX;YACE,OAAO,EAAE,EAAE,YAAY,EAAE,iBAAiB,EAAE;SAC7C,CACF,CAAC;QACF,IAAI,KAAK,GAAG,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;QAC/D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,MAAM,GAAG,MAAM,SAAS,CAC5B,oCAAoC,EACpC,WAAW,EACX,EAAE,OAAO,EAAE,EAAE,YAAY,EAAE,iBAAiB,EAAE,EAAE,CACjD,CAAC;YACF,KAAK;gBACF,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,KAAK,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,CAAC;oBACrE,EAAE,KAAgB;oBACnB,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,CAAC;wBACpD,EAAE,KAAgB;oBACpB,IAAI,CAAC;QACT,CAAC;QACD,OAAO;YACL,QAAQ,EAAE,QAAQ;YAClB,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;YACnB,KAAK;YACL,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC;YACzD,QAAQ,EAAE,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC;YAClC,MAAM,EAAE,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC;YACrC,GAAG,EAAE,IAAI;YACT,MAAM,EAAE,gBAAgB;SACzB,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,MAAM,MAAM,GAA0B;IACpC,aAAa,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;IAC7C,QAAQ,EAAE,IAAI;IACd,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,YAAY;QAC5C,OAAO,IAAI,MAAM,CACf,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,EAAE,EACzB,WAAW,CACZ,CAAC,sBAAsB,CACtB,KAAK,EACL,YAAY,IAAI,EAAE,EAClB,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,aAAa,CACpC,CAAC;IACJ,CAAC;IACD,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,YAAY;QACpD,MAAM,MAAM,GAAG,MAAM,IAAI,MAAM,CAC7B,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,EAAE,EACzB,WAAW,CACZ,CAAC,yBAAyB,CAAC,IAAI,EAAE,YAAY,IAAI,EAAE,CAAC,CAAC;QACtD,IAAI,MAAM,CAAC,OAAO;YAChB,OAAO,YAAY,CACjB,QAAQ,EACR,MAAM,EACN,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,QAAQ,CAAC,CACvC,CAAC;QAEJ,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,IAAI,GAAG,MAAM,SAAS,CAC1B,kDAAkD,EAClD,kBAAkB,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CAC/C,CAAC;QACF,OAAO;YACL,QAAQ,EAAE,QAAQ;YAClB,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;YACpB,KAAK,EAAE,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC;YAC/B,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC;YAC7B,MAAM,EAAE,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,IAAI;YACT,MAAM,EAAE,gBAAgB;SACzB,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,MAAM,OAAO,GAA0B;IACrC,aAAa,EAAE,CAAC,UAAU,EAAE,OAAO,CAAC;IACpC,QAAQ,EAAE,KAAK;IACf,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,KAAK;QAC9B,OAAO,IAAI,OAAO,CAChB,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,IAAI,EAC3B,WAAW,CACZ,CAAC,sBAAsB,CAAC,KAAK,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,aAAa,CAAC,CAAC;IAC7E,CAAC;IACD,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI;QACtC,MAAM,MAAM,GAAG,MAAM,IAAI,OAAO,CAC9B,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,IAAI,EAC3B,WAAW,CACZ,CAAC,yBAAyB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACxC,IAAI,MAAM,CAAC,OAAO;YAChB,OAAO,YAAY,CACjB,SAAS,EACT,MAAM,EACN,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,CACxC,CAAC;QAEJ,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,IAAI,GAAG,MAAM,SAAS,CAC1B,mCAAmC,EACnC,kBAAkB,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAChD,CAAC;QACF,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC7C,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC3B,OAAO;YACL,QAAQ,EAAE,SAAS;YACnB,EAAE;YACF,KAAK,EAAE,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC;YAC/B,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC;YACnE,QAAQ,EAAE,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC;YACrC,MAAM,EAAE,UAAU;gBAChB,CAAC,CAAC,sCAAsC,EAAE,IAAI,UAAU,MAAM;gBAC9D,CAAC,CAAC,IAAI;YACR,GAAG,EAAE,IAAI;YACT,MAAM,EAAE,gBAAgB;SACzB,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,MAAM,SAAS,GAA0B;IACvC,aAAa,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;IAC7C,QAAQ,EAAE,IAAI;IACd,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,YAAY;QAC5C,OAAO,IAAI,gBAAgB,CACzB,MAAM,CAAC,MAAM,IAAI,QAAQ,EACzB,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,IAAI,EAC3B,WAAW,CACZ,CAAC,sBAAsB,CACtB,KAAK,EACL,YAAY,IAAI,EAAE,EAClB,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,aAAa,CACpC,CAAC;IACJ,CAAC;IACD,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,YAAY;QACpD,MAAM,MAAM,GAAG,MAAM,IAAI,gBAAgB,CACvC,MAAM,CAAC,MAAM,IAAI,QAAQ,EACzB,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,IAAI,EAC3B,WAAW,CACZ,CAAC,yBAAyB,CAAC,IAAI,EAAE,YAAY,IAAI,EAAE,CAAC,CAAC;QACtD,IAAI,MAAM,CAAC,OAAO;YAChB,OAAO,YAAY,CACjB,WAAW,EACX,MAAM,EACN,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,WAAW,CAAC,CAC1C,CAAC;QAEJ,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,IAAI,GAAG,MAAM,SAAS,CAC1B,2CAA2C,EAC3C,kBAAkB,CAAC,gBAAgB,EAAE,WAAW,CAAC,CAClD,CAAC;QACF,OAAO;YACL,QAAQ,EAAE,WAAW;YACrB,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;YACpB,KAAK,EAAE,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC;YAC/B,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC;YAC7B,MAAM,EAAE,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,IAAI;YACT,MAAM,EAAE,gBAAgB;SACzB,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,MAAM,OAAO,GAA0B;IACrC,aAAa,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC;IAC3C,QAAQ,EAAE,IAAI;IACd,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,YAAY;QAC5C,OAAO,IAAI,OAAO,CAChB,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,IAAI,EAC3B,WAAW,CACZ,CAAC,sBAAsB,CACtB,KAAK,EACL,YAAY,IAAI,EAAE,EAClB,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,aAAa,CACpC,CAAC;IACJ,CAAC;IACD,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,YAAY;QACpD,MAAM,MAAM,GAAG,MAAM,IAAI,OAAO,CAC9B,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,IAAI,EAC3B,WAAW,CACZ,CAAC,yBAAyB,CAAC,IAAI,EAAE,YAAY,IAAI,EAAE,CAAC,CAAC;QACtD,IAAI,MAAM,CAAC,OAAO;YAChB,OAAO,YAAY,CACjB,SAAS,EACT,MAAM,EACN,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,CACxC,CAAC;QAEJ,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,SAAS,CAC9B,gFAAgF,EAChF,kBAAkB,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAChD,CAAC;QACF,OAAO;YACL,QAAQ,EAAE,SAAS;YACnB,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;YACnB,KAAK,EAAE,IAAI;YACX,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC;YAC5D,QAAQ,EAAE,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC;YACrC,MAAM,EAAE,YAAY,CAAC,IAAI,CAAC,iBAAiB,CAAC;YAC5C,GAAG,EAAE,IAAI;YACT,MAAM,EAAE,gBAAgB;SACzB,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,MAAM,QAAQ,GAA0B;IACtC,aAAa,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;IAC7C,QAAQ,EAAE,KAAK;IACf,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,KAAK;QAC9B,OAAO,IAAI,QAAQ,CACjB,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,EAAE,EACzB,WAAW,CACZ,CAAC,sBAAsB,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,aAAa,CAAC,CAAC;IACvE,CAAC;IACD,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI;QACtC,MAAM,MAAM,GAAG,MAAM,IAAI,QAAQ,CAC/B,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,EAAE,EACzB,WAAW,CACZ,CAAC,yBAAyB,CAAC,IAAI,CAAC,CAAC;QAClC,IAAI,MAAM,CAAC,OAAO;YAChB,OAAO,YAAY,CACjB,UAAU,EACV,MAAM,EACN,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,UAAU,CAAC,CACzC,CAAC;QAEJ,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,IAAI,GAAG,MAAM,SAAS,CAC1B,sCAAsC,EACtC,kBAAkB,CAAC,gBAAgB,EAAE,UAAU,CAAC,CACjD,CAAC;QACF,OAAO;YACL,QAAQ,EAAE,UAAU;YACpB,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;YACpB,KAAK,EAAE,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC;YAC/B,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC;YAC7B,MAAM,EAAE,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,IAAI;YACT,MAAM,EAAE,gBAAgB;SACzB,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,MAAM,QAAQ,GAA0B;IACtC,aAAa,EAAE,CAAC,OAAO,EAAE,gBAAgB,CAAC;IAC1C,QAAQ,EAAE,KAAK;IACf,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,KAAK;QAC9B,OAAO,IAAI,QAAQ,CACjB,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,EAAE,EACzB,WAAW,CACZ,CAAC,sBAAsB,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,aAAa,CAAC,CAAC;IACvE,CAAC;IACD,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI;QACtC,MAAM,MAAM,GAAG,MAAM,IAAI,QAAQ,CAC/B,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,EAAE,EACzB,WAAW,CACZ,CAAC,yBAAyB,CAAC,IAAI,CAAC,CAAC;QAClC,IAAI,MAAM,CAAC,OAAO;YAChB,OAAO,YAAY,CACjB,UAAU,EACV,MAAM,EACN,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,UAAU,CAAC,CACzC,CAAC;QAEJ,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,IAAI,GAAG,MAAM,SAAS,CAC1B,wEAAwE,EACxE,kBAAkB,CAAC,gBAAgB,EAAE,UAAU,CAAC,CACjD,CAAC;QACF,MAAM,OAAO,GAAG,IAAI,CAAC,OAAmD,CAAC;QACzE,OAAO;YACL,QAAQ,EAAE,UAAU;YACpB,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;YACnB,KAAK,EAAE,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC;YAC/B,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC;YAC7B,MAAM,EAAE,YAAY,CAAC,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC;YACxC,GAAG,EAAE,IAAI;YACT,MAAM,EAAE,gBAAgB;SACzB,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,MAAM,KAAK,GAA0B;IACnC,aAAa,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC;IAChC,QAAQ,EAAE,KAAK;IACf,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,KAAK;QAC9B,kBAAkB,CAAC,MAAM,CAAC,CAAC;QAC3B,OAAO,IAAI,KAAK,CACd,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,MAAM,EACb,MAAM,CAAC,KAAK,EACZ,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,EAC3C,WAAW,CACZ,CAAC,sBAAsB,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,aAAa,CAAC,CAAC;IACvE,CAAC;IACD,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI;QACtC,kBAAkB,CAAC,MAAM,CAAC,CAAC;QAC3B,MAAM,MAAM,GAAG,MAAM,IAAI,KAAK,CAC5B,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,MAAM,EACb,MAAM,CAAC,KAAK,EACZ,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,EAC3C,WAAW,CACZ,CAAC,yBAAyB,CAAC,IAAI,CAAC,CAAC;QAClC,IAAI,MAAM,CAAC,OAAO;YAChB,OAAO,YAAY,CACjB,OAAO,EACP,MAAM,EACN,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,CACtC,CAAC;QAEJ,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,MAAM,GAAG,gBAAgB,CAAC,OAAO;YACrC,CAAC,CAAE,aAAa,CAAC,gBAAgB,CAAC,OAAO,CAA6B;YACtE,CAAC,CAAC,EAAE,CAAC;QACP,OAAO;YACL,QAAQ,EAAE,OAAO;YACjB,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC;YACtB,KAAK,EAAE,YAAY,CAAC,MAAM,CAAC,KAAK,CAAC;YACjC,IAAI,EAAE,IAAI;YACV,MAAM,EAAE,IAAI;YACZ,GAAG,EAAE,MAAM;YACX,MAAM,EAAE,gBAAgB;SACzB,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,MAAM,OAAO,GAA0B;IACrC,aAAa,EAAE,CAAC,iBAAiB,EAAE,mBAAmB,CAAC;IACvD,QAAQ,EAAE,KAAK;IACf,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,KAAK;QAC9B,OAAO,IAAI,OAAO,CAChB,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,IAAI,EAC3B,WAAW,CACZ,CAAC,sBAAsB,CAAC,KAAK,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,aAAa,CAAC,CAAC;IAC7E,CAAC;IACD,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI;QACtC,MAAM,MAAM,GAAG,MAAM,IAAI,OAAO,CAC9B,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,IAAI,EAC3B,WAAW,CACZ,CAAC,yBAAyB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACxC,IAAI,MAAM,CAAC,OAAO;YAChB,OAAO,YAAY,CACjB,SAAS,EACT,MAAM,EACN,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,CACxC,CAAC;QAEJ,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,IAAI,GAAG,MAAM,SAAS,CAC1B,+BAA+B,EAC/B,kBAAkB,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAChD,CAAC;QACF,MAAM,MAAM,GAAG,IAAI,CAAC,MAA8C,CAAC;QACnE,OAAO;YACL,QAAQ,EAAE,SAAS;YACnB,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;YACnB,KAAK,EAAE,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC;YAC/B,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC;YACrC,MAAM,EAAE,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC;YACtC,GAAG,EAAE,IAAI;YACT,MAAM,EAAE,gBAAgB;SACzB,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,MAAM,MAAM,GAA0B;IACpC,aAAa,EAAE,CAAC,WAAW,CAAC;IAC5B,QAAQ,EAAE,KAAK;IACf,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,KAAK;QAC9B,OAAO,IAAI,MAAM,CACf,MAAM,CAAC,OAAO,IAAI,oBAAoB,EACtC,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,IAAI,EAC3B,WAAW,CACZ,CAAC,sBAAsB,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,aAAa,CAAC,CAAC;IACvE,CAAC;IACD,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI;QACtC,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,oBAAoB,CAAC;QACvD,MAAM,MAAM,GAAG,MAAM,IAAI,MAAM,CAC7B,OAAO,EACP,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,YAAY,IAAI,IAAI,EAC3B,WAAW,CACZ,CAAC,yBAAyB,CAAC,IAAI,CAAC,CAAC;QAClC,IAAI,MAAM,CAAC,OAAO;YAChB,OAAO,YAAY,CACjB,QAAQ,EACR,MAAM,EACN,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,QAAQ,CAAC,CACvC,CAAC;QAEJ,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,IAAI,GAAG,MAAM,SAAS,CAC1B,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,cAAc,EAC7C,kBAAkB,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CAC/C,CAAC;QACF,OAAO;YACL,QAAQ,EAAE,QAAQ;YAClB,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;YACnB,KAAK,EAAE,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC;YAC/B,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC;YAC5D,QAAQ,EAAE,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC;YACrC,MAAM,EAAE,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC;YACrC,GAAG,EAAE,IAAI;YACT,MAAM,EAAE,gBAAgB;SACzB,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,SAAS,YAAY,CACnB,QAAgB,EAChB,MAAoB,EACpB,OAAmD;IAEnD,OAAO,EAAE,GAAG,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;AAC5D,CAAC;AAED,SAAS,YAAY,CAAC,KAAc;IAClC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;AACtE,CAAC;AAED,MAAM,kBAAkB,GAA0C;IAChE,KAAK;IACL,OAAO;IACP,QAAQ;IACR,MAAM;IACN,MAAM;IACN,MAAM;IACN,QAAQ;IACR,SAAS;IACT,OAAO;IACP,OAAO;CACR,CAAC"}
package/dist/use-jwt.d.ts ADDED
@@ -0,0 +1,70 @@
1
+ import type { CookieOptions, Context } from "mates-fullstack";
2
+ import { type JwtPayload } from "mates-fullstack";
3
+ export type AuthDuration = number | string;
4
+ export interface AuthClaims extends JwtPayload {
5
+ /** Canonical user id used by useJWT. Mirrored to `sub` in JWTs. */
6
+ userId?: string;
7
+ /** Common display-name aliases. */
8
+ userName?: string;
9
+ username?: string;
10
+ name?: string;
11
+ email?: string;
12
+ roles?: string[];
13
+ [key: string]: unknown;
14
+ }
15
+ export interface AuthContext extends AuthClaims {
16
+ /** True only when `useJWT()` verified an access token or refreshed it. */
17
+ isAuthenticated?: boolean;
18
+ }
19
+ export interface JWTOptions {
20
+ /** JWT/HMAC secret. Falls back to AUTH_JWT_SECRET or JWT_SECRET. */
21
+ secret?: string;
22
+ /** Throw `AuthError(401)` when expired/invalid tokens require logout. Default: true. */
23
+ throwErrorIfTokensExpired?: boolean;
24
+ /** Access token cookie name. Default: "mates_access". */
25
+ accessCookieName?: string;
26
+ /** Refresh token cookie name. Default: "mates_refresh". */
27
+ refreshCookieName?: string;
28
+ /** Access token lifetime. Default: "15m". */
29
+ accessExpiresIn?: AuthDuration;
30
+ /** Refresh token lifetime. Default: "30d". */
31
+ refreshExpiresIn?: AuthDuration;
32
+ /** Cookie path. Default: "/". */
33
+ path?: string;
34
+ /** Cookie domain. */
35
+ domain?: string;
36
+ /** SameSite policy. Default: "lax". */
37
+ sameSite?: CookieOptions["sameSite"];
38
+ /** Secure flag. Default: true in production, false otherwise. */
39
+ secure?: boolean;
40
+ /** Refresh hook. Return fresh access claims, or null to force logout. */
41
+ onRefresh?: (userId: string, refreshPayload: JwtPayload, ctx: Context) => Promise<AuthClaims | null> | AuthClaims | null;
42
+ /** Optional post-verify hook for tokenVersion, disabled users, etc. */
43
+ onVerify?: (auth: AuthClaims, ctx: Context) => Promise<boolean> | boolean;
44
+ /** Extract the canonical user id from claims. */
45
+ getUserId?: (claims: Record<string, unknown>) => string | undefined;
46
+ /** Cookie names from older auth implementations to clear on logout and when no current tokens are present. */
47
+ legacyCookieNames?: string[];
48
+ }
49
+ export interface AuthLoginOptions extends Partial<JWTOptions> {
50
+ }
51
+ /**
52
+ * Register the JWT auth middleware. Call once at module level in
53
+ * server/main.ts. It verifies httpOnly access/refresh tokens, updates
54
+ * `ctx.auth`, and clears cookies on logout.
55
+ */
56
+ export declare function useJWT(options?: JWTOptions): void;
57
+ export declare const auth: {
58
+ /**
59
+ * Create access/refresh token pair, set httpOnly cookies, and update
60
+ * `ctx.auth` for this request.
61
+ */
62
+ login(ctx: Context, payload: AuthClaims, options?: AuthLoginOptions): Promise<{
63
+ accessToken: string;
64
+ refreshToken: string;
65
+ auth: AuthContext;
66
+ }>;
67
+ /** Clear access and refresh cookies. */
68
+ logout(ctx: Context, options?: Partial<JWTOptions>): void;
69
+ };
70
+ //# sourceMappingURL=use-jwt.d.ts.map
package/dist/use-jwt.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"use-jwt.d.ts","sourceRoot":"","sources":["../src/use-jwt.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AAE9D,OAAO,EAAO,KAAK,UAAU,EAAuB,MAAM,iBAAiB,CAAC;AAG5E,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,MAAM,CAAC;AAE3C,MAAM,WAAW,UAAW,SAAQ,UAAU;IAC5C,mEAAmE;IACnE,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,mCAAmC;IACnC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,WAAY,SAAQ,UAAU;IAC7C,0EAA0E;IAC1E,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED,MAAM,WAAW,UAAU;IACzB,oEAAoE;IACpE,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,wFAAwF;IACxF,yBAAyB,CAAC,EAAE,OAAO,CAAC;IACpC,yDAAyD;IACzD,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,2DAA2D;IAC3D,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,6CAA6C;IAC7C,eAAe,CAAC,EAAE,YAAY,CAAC;IAC/B,8CAA8C;IAC9C,gBAAgB,CAAC,EAAE,YAAY,CAAC;IAChC,iCAAiC;IACjC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,qBAAqB;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,uCAAuC;IACvC,QAAQ,CAAC,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC;IACrC,iEAAiE;IACjE,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,yEAAyE;IACzE,SAAS,CAAC,EAAE,CACV,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,UAAU,EAC1B,GAAG,EAAE,OAAO,KACT,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,GAAG,UAAU,GAAG,IAAI,CAAC;IACpD,uEAAuE;IACvE,QAAQ,CAAC,EAAE,CAAC,IAAI,EAAE,UAAU,EAAE,GAAG,EAAE,OAAO,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC;IAC1E,iDAAiD;IACjD,SAAS,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,MAAM,GAAG,SAAS,CAAC;IACpE,8GAA8G;IAC9G,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC9B;AAED,MAAM,WAAW,gBAAiB,SAAQ,OAAO,CAAC,UAAU,CAAC;CAAG;AAwBhE;;;;GAIG;AACH,wBAAgB,MAAM,CAAC,OAAO,GAAE,UAAe,GAAG,IAAI,CAOrD;AAED,eAAO,MAAM,IAAI;IACf;;;OAGG;eAEI,OAAO,WACH,UAAU,YACV,gBAAgB,GACxB,OAAO,CAAC;QACT,WAAW,EAAE,MAAM,CAAC;QACpB,YAAY,EAAE,MAAM,CAAC;QACrB,IAAI,EAAE,WAAW,CAAC;KACnB,CAAC;IAWF,wCAAwC;gBAC5B,OAAO,YAAW,OAAO,CAAC,UAAU,CAAC,GAAQ,IAAI;CAK9D,CAAC"}